Thank you, Chair and honourable members.
I'm pleased to appear before this committee, and as mentioned by the chair, I'm accompanied by Mr. Bill Galbraith, the executive director of my office.
Good afternoon, everyone.
I'm pleased to be here today to meet with you and to speak about my work as the commissioner of the Communications Security Establishment, or CSE.
You have a copy of my CV, my resumé, so I won't repeat that, but I would like to emphasize two points to start.
The first point is the value I place on the first decade of my career as a legal officer in the office of the judge advocate general of the Canadian Armed Forces, and subsequently in the active reserves for about 20 years as both defending officer and military judge at courts martial. This experience has helped me to understand CSE’s role, particularly where it involves support for the armed forces.
The second point I would make is that I have found that my decade-long experience as a judge, where independence and impartiality are paramount, has stood me in good stead during more than three years as the CSE commissioner. Determining questions of compliance with the law based on facts—the real facts, not alternative facts—as a result of reviewing CSE activities, is consistent, I would submit, with a judicial career.
If you have looked at my resumé, I have devoted a good part of my life to public service.
Being a retired or supernumerary judge of a superior court in Canada is a requirement set out in the National Defence Act, the legislation that mandates both my office and CSE.
A few key points about the role and mandate of the office I hold are, first, the commissioner is independent and at arm's length from the government. My office has its own budget granted by Parliament. I have all the powers under part II of the Inquiries Act, which give me full access to CSE facilities, files, systems, and personnel, including the power of summons or subpoena should that be necessary.
That is why I'm called a commissioner. It goes back to the Inquiries Act when the office was created back in 1996. At that time the executive director was called the commission secretary. It stayed like that for a few years until the National Defence Act was amended in 2001.
My mandate has three components. The first component is to review CSE activities to determine whether they're in compliance with the law, including with regard to the protection of privacy. This is the largest portion of my work. I have a role in protecting privacy. I know that, in Canada, we have a Privacy Commissioner who looks after all federal departments and agencies. In my case, I simply need to look after CSE, and I focus on this agency.
The second component enables me to receive complaints and to conduct any investigations I consider necessary. I must admit that complaints are rare, which reflects the foreign focus of CSE activities.
The third component gives me the duty to inform the Minister of National Defence and the Attorney General of Canada of any CSE activity I believe may not be in compliance with the law. The Commissioner's external and independent role is focused on CSE. The Commissioner assists the Minister of National Defence, who is responsible for CSE, in his accountability to Parliament for that agency and also to Canadians.
Let me provide you now with four key issues that have my attention.
My primary concern is part V.1 of the National Defence Act, the section that mandates both CSE and my office, and that came into effect as part of the Anti-terrorism Act, when it received royal assent in December 2001. That legislation is now almost 16 years old and needs, in my humble opinion, revision. Let me briefly explain.
First, there are ambiguities in part V.1 that were identified, long go, after that part came into effect. This is not surprising given that it was written in haste in the aftermath of the tragic events of September 11, 2001. My predecessors began calling for amendments over 12 years ago to remove those ambiguities. The ambiguities are, in my mind, straightforward and not controversial.
Since 2001, on the other hand, technology, the threat environment, and the legal landscape have all evolved. The law has not kept up. During the course of reviews of CSE activities, other recommendations for amendments have been made. For example, in the fall of 2015, I recommended that the law give explicit authority to CSE to collect, retain, use, and share metadata. Both the Minister of National Defence and the Minister of Justice accepted this recommendation.
The questions surrounding metadata and privacy, along with the value accorded metadata by the intelligence agencies for their work, make this a more complex issue that must be considered carefully. The challenge for the legislative drafters will be to have language that is technology neutral, so that the law will not become quickly outdated as technology changes.
My second key issue is the broader national security accountability framework and what impact it will have on the role of the CSE commissioner and the office.
The government introduced legislation to create a national security and intelligence committee of parliamentarians. I spoke about Bill C-22 before another committee last fall. I believe the greater involvement of parliamentarians who are cleared for access to classified information will help strengthen accountability and public trust. Will this happen overnight? No, but it is, in my view, an important beginning. We have considered how we might begin a productive relationship with the committee and its secretariat. This would, of course, involve the direction provided in the bill as it was presented, that the committee and each review body will take all reasonable steps to co-operate with each other to avoid any unnecessary duplication of work.
There remain, of course, many other departments and agencies that have some role in national security, but are not currently subject to reviews. I think we are talking about 17 departments and agencies right now that are not subject to any type of review.